# Gavin Andresen
# 2012-12-14 14:14:14
# https://bitcointalk.org/index.php?topic=130749.msg1399620#msg1399620

CAs will issue you multi-domain certificates for not a WHOLE lot more than a single-domain certificate, which suggests to me a possible short-term workaround/hack until DNSSEC/DANE is widely deployed. @p{par}

Get a certificate that is valid for these subdomains: @p{brk}
   merchant.com @p{brk}
   @s{(link)} @p{brk}
   BaseBitcoinAddress.merchant.com  (e.g. 1gavinR2Y6RiHnEbf3sJBGbbKTc5t66do.merchant.com ) @p{par}

(in X.509 speak: Subject Alternative Names) @p{par}

Payment requests from the merchant would include that certificate and the full public key (or script) that corresponds to 1baseBitcoinAddress. @p{par}

Bitcoin clients would have to notice that the merchant's SSL certificate included a bitcoin address as one of the top-level domains, and would need to reject any payment requests that didn't include the full public key/script (and would always pay to BaseBitcoinAddress*hash(payment_request) where '*" is whatever hierarchical deterministic wallet scheme we decide we like). @p{par}


@p{hrule}
Reasons not to do this or why it might not work: @p{par}

* It is a hack. @p{brk}
* domain names are not case-sensitive (GOOGLE.com and google.com are the same); bitcoin addresses are. @p{brk}
* The extra cost to the merchant for the multi-domain cert might not be worth the incremental security benefit; if they have good monitoring (which they should), then they should detect an attacker's intrusion within minutes and so their potential loss might be tiny. @p{par}


@p{hrule}
Edited, to add references to relevant standards: @p{par}

X.509 certificates for the Internet: @p{brk}
@s{(link)} @p{par}

Subdomain names must be less than 63 characters and start with a letter: @p{brk}
@s{(link)} @p{par}